Saturday, August 1, 2009

By seeing this url we can understand that this site is developed using php, and we can understand coding/database table upto some extent. For example, if you change id value to some invalid value instead of 10 we will get some error message/query which may give some details about database table.

So, the hackers can easily attack this server.

Assume that this url is used for showing article about "computers", the search engines such as Google and Yahoo are not having any clue to show this topic when user searches "computers".And, many Search engines won't index this page, because they couldn't read the url after the "?" mark.

Similarly for users also it is difficult to remember that the id "10" is for showing the topic "computers".

mod_rewrite extension of Apache can be used for making this url into another format which will be more safe, search engine friendly and user friendly.

i-e mod_rewrite will be used to rewrite the above url as http://site.com/computers-10.html

This new format will be user-friendly. Because, the user can easily select/identify this url from browser address bar if they have already visited this url.

It will be search-engine friendly, because there is no "?" in this url, and it includes keyword "computers".

It will be more secure, because the attacker can not predict the technology (php or asp) used for developing this url.

Mod_rewrite is really powerful if you are familiar with the regular expressions.

mod_rewrite should be enabled in your apache server for creating this SEO friendly url or pretty url.

You can verify it by displaying phpinfo(); in a php file. If it enabled then mod_rewrite will show as loaded module in phpinfo.

If it is not enabled, you should enable it by doing below steps.

Find the httpd.conf file (usually you will find it in a folder called conf, config or something along those lines)

Inside the httpd.conf file uncomment the line LoadModule rewrite_module modules/mod_rewrite.so (remove the pound '#' sign from in front of the line)

Also find the line ClearModuleList is uncommented then find and make sure that the line AddModule mod_rewrite.c is not commented out.

First you need to create a file called .htaccess and place it exactly in the folder where you want the rewriting to take effect (it will also take effect over all subfolders).

* In case you already have a .htaccess file you can simply add the lines to it (if it already has mode_rewrite directives you can mess them however).

* Open it in a simple text editor an start with:

Options +FollowSymLinksRewriteEngine on

Now the rewrite engine is switched on. You can now start adding as many rewrite rules as you want. The format is simple:

RewriteRule rewrite_from rewrite_to

Here "RewriteRule" is static text, i.e. you should not change. "rewrite_from" is the address which will be typed in the browser and "rewrite_to" - which page the server will actually activate.

Below are some examples which should make the working of mod_rewrite clearer.

For example , the url like,

www.domain.com/index.php but you want to pretty url like this for SEO friendly, www.domain.com/index.html.

The rewrite rule on this url is,

RewriteRule ^index.html$ index.php [L]

- ^ character marks the beginning. I.e. you tell the server that it should not expect anything before it.

- $ specify the end

- L Tells Apache to not process any more RewriteRules if this one was successful.

Lets go to see if the urls have query string parameter, how to handle it.

Your url have string like this, index.php?field_name=name&row_id=11&field_value=value and you want the url

We should start from more specific condition and should end with more general condition while writing regular expressions.

We used mod_rewrite for creating pretty url in our score results project.Some hosting companies won't enable mod_rewrite in their servers. So, in this case we can not use Apache mod_rewrite for creating SEO friendly urls.

I'm impressed. You're truly well informed and very intelligent. You wrote something that people could understand and made the subject intriguing for everyone. I'm saving this for future use.Website Development Portfolio